[LEAPSECS] Bulletin C and all that
Zefram
zefram at fysh.org
Tue Feb 10 17:36:38 EST 2015
Rob Seaman wrote:
>I'm very much enjoying the dueling perl / python and CRC / SHA competition here :-)
Perl vs Python is of no significance. I use Perl for my example code
merely because it's more familiar to me; the same algorithms can be coded
either way. CRC vs SHA is of slightly greater significance (see below).
>On Feb 10, 2015, at 9:45 AM, Zefram <zefram at fysh.org> wrote:
>> I think it's a safe bet that AAAA lookups
>> will be commonly available before we exceed the 16-bit range.
>
>One hopes, but the A lookups would then already be in the field.
The way to deal with that is to also have an AAAA encoding from day one.
The AAAA encoding can trivially have a much bigger range, such as 32
bits for offset. Applications using the A encoding would be more common
initially, but as IPv6 progressively comes to predominate applications
will probably naturally switch to the AAAA encoding. It'll largely
be a function of which version of IP an application author is more
familiar with, in cases where it's not dictated by the facilities of a
particular platform. By the time the A format runs out of range, IPv4
should be thoroughly dead, and the A RRtype a historical curio that one
would never seek out by default.
>The main benefit realized here is of 12-bits versus 8-bits. The fraction
>of false positives will be identical overall for 8-bits of this versus
>8-bits of pseudorandom that.
Given random distractor data, yes. My concern is more about the risk
of colliding with some other protocol. A CRC is relatively likely to be
selected independently by someone else trying to encode non-address data
in A records, or by virtue of the linear structure to arise by accident
from bitwise processing of addresses. A ones-complement checksum is
similarly linear and relatively non-arbitrary. Hence:
>> same encoding as I suggested for DTAI but using a different magic number in
>> the check field computation.
>
>I like that gimmick. Any comments on how you selected the magic number?
>Is the value you used well known?
The magic number is meant to be specific to this protocol, never used
anywhere else. Cryptographically its role is almost as a MAC key
(except not secret), and the intent is that the strings that get fed
to SHA-1 should not be strings that would arise for any other reason.
I got the specific number from /dev/random, today. It's not a purely
uniform selection from the 64-bit string space: I applied some limitation
of the keyspace to avoid it looking like text or naturally-occurring data.
You can find the generator program I used (mkmagic) and an essay that
I wrote about magic numbers at <https://www.fysh.org/~zefram/magic/>.
The essay explains the selection criteria.
-zefram
More information about the LEAPSECS
mailing list